QCOW2: bug fix - read base image beyond its size

This patch fixes the following bug in QCOW2. For a QCOW2 image that is larger
than its base image, when handling a read request that straddles the end of the
base image, the QCOW2 driver attempts to read beyond the end of the base image
and the request fails.

This bug was found by Fast Virtual Disk (FVD)'s fully automated testing tool.
The following test triggered the bug.

dd if=/dev/zero of=/var/ramdisk/truth.raw count=0 bs=1 seek=1098561536
dd if=/dev/zero of=/var/ramdisk/zero-500M.raw count=0 bs=1 seek=593099264
./qemu-img create -f qcow2 -ocluster_size=65536,backing_fmt=blksim -b /var/ramdisk/zero-500M.raw /var/ramdisk/test.qcow2 1098561536
./qemu-io --auto --seed=30477694 --truth=/var/ramdisk/truth.raw --format=qcow2 --test=blksim:/var/ramdisk/test.qcow2 --verify_write=true --compare_before=false --compare_after=true --round=100000 --parallel=100 --io_size=10485760 --fail_prob=0 --cancel_prob=0 --instant_qemubh=true

Signed-off-by: Chunqiang Tang <ctang@us.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
3 files changed
tree: 3fb49fe18a687f023bb5eb1e7a662109b625a46c